<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    
    <!-- Try to avoid this showing up in search results if accidentally made public -->
    <meta name="robots" content="noindex">
    <meta name="googlebot" content="noindex">
    
    <title>CloudMapper IAM Report</title>
    
    <link href="../css/bootstrap.css" rel="stylesheet">
    <link href="../css/lato.css" rel="stylesheet">

    <link href="../css/report.css" rel="stylesheet">

    <link href="../css/font-awesome.css" rel="stylesheet">

    <script src="../js/chart.js"></script>
    <script src="../js/iam_report.js"></script>

    <link rel="icon" href="../favicon.ico" sizes="16x16 32x32 64x64" type="image/vnd.microsoft.icon">
</head>

<body>
        <div class="stretchforfooter">
            <div class="container">
                <nav class="navbar navbar-default" role="navigation">
                    <div class="navbar-header">
                        <a class="navbar-brand" href="https://summitroute.com"></a>
                    </div>
                    <div>
                        <ul class="nav navbar-nav navbar-right">
                            <li><h1>CloudMapper IAM Report</h1><i class="muted">Report developed by <a href="https://summitroute.com/">Summit Route</a></i></li>
                        </ul>
                    </div>
                </nav>
            </div>
    
            <hr class="gradient">
    
              <div class="container">
            <div class="row">
    
    <div class="content, report">
        <div class="row">
            <div class="col-sm-12">
            
Account: {{t.account_name}} ({{t.account_id}})<br>
Report generated: {{t.report_generated_time}}
{{t.graph}}

{% if t.users|length > 0 %}
    <h2><i class="fas fa-user"></i>Users</h2>
    <ul>
    {% for user in t.users %}
        <li><a href="#{{user.arn}}">{{user.name}}</a>: {{user.services_used}}/{{user.services_granted}}
        <div style="width:50%"><canvas id="serviceChart{{user.arn}}" width="200" height="15"></canvas></div>
        <script>makeServiceUnusedChart("serviceChart{{user.arn}}", {{user.services_used}}, {{user.services_granted}} - {{user.services_used}});</script> 
    {% endfor %}
    </ul>
{% endif %}


{% if t.roles|length > 0 %}
    <h2><i class="fas fa-user-astronaut"></i>Roles</h2>
    <ul>
    {% for role in t.roles %}
        <li><a href="#{{role.arn}}">{{role.name}}</a>: {{role.services_used}}/{{role.services_granted}}
        <div style="width:50%"><canvas id="serviceChart{{role.arn}}" width="200" height="15"></canvas></div>
        <script>makeServiceUnusedChart("serviceChart{{role.arn}}", {{role.services_used}}, {{role.services_granted}} - {{role.services_used}});</script> 
    {% endfor %}
    </ul>
{% endif %}


{% if t.inactive_principals|length > 0 %}
    <h2><i class="fas fa-user-clock"></i>Inactive principals</h2>
    <ul>
    {% for principal in t.inactive_principals %}
        <li><a href="#{{principal.arn}}">{{principal.icon}}{{principal.name}}</a>
    {% endfor %}
    </ul>
{% endif %}


<h2>In-depth analysis</h2>
{% for principal in t.principals %}
<div class="section"><a name="{{principal.arn}}"></a>
    <h3><a href="#{{principal.arn}}">{{principal.icon}}{{principal.name}}</a></h3>
    <table class="privs"><tr><th>Service<th>Days since last use<th>Privilege Source
    {% for service in principal.services %}
        <tr><td class="{{service.style}}">{{service.name}}<td class="{{service.style}}">{{service.last_use}}<td>{{service.source}}
    {% endfor %}
    </table>

    {% if principal.groups|length > 0 %}
        Groups:
        <ul>
            {% for group in principal.groups %}
                <li><a href="#{{group.link_id}}">{{group.name}}</a>
            {% endfor %}
        </ul>
    {% endif %}


    {% if principal.managed_policies|length > 0 %}
        <h4>Managed policies</h4>
        <ul>
            {% for policy in principal.managed_policies %}
                <li><a href="#{{policy.link_id}}">{{policy.name}}</a>
            {% endfor %}
        </ul>
    {% endif %}

    {% if principal.inline_policies|length > 0 %}
        <h4>Inline policies</h4>
        {% for policy in principal.inline_policies %}
            <h5>{{policy.name}}</h5><pre>{{policy.document}}</pre>
        {% endfor %}
    {% endif %}

    {% if principal.assume_role is defined %}
        <h4>AssumeRolePolicyDocument</h4>
        <pre>{{principal.assume_role}}</pre>
    {% endif %}

</div>
{% endfor %}


<hr><h2>Groups</h2>
{% for group in t.groups %}
<div class="section"><a name="{{group.link_id}}"></a>
    <h3>{{group.name}}</h3>

    {% if group.members|length > 0 %}
    <h4>Members</h4>
    <ul>
        {% for member in group.members %}
            <li><a href="#{{member.link_id}}">{{member.name}}</a>
        {% endfor %}
    </ul>
    {% else %}
        <b>WARNING: No members, this group can be removed</b>
    {% endif %}

    {% if group.managed_policies|length > 0 %}
        <h4>Managed policies</h4>
        <ul>
            {% for policy in group.managed_policies %}
                <li><a href="#{{policy.link_id}}">{{policy.name}}</a>
            {% endfor %}
        </ul>
    {% endif %}

    {% if group.inline_policies|length > 0 %}
        <h4>Inline policies</h4>
        {% for policy in group.inline_policies %}
            <h5>{{policy.name}}</h5>
            <pre>{{policy.document}}</pre>
        {% endfor %}
    {% endif %}

    {% if group.managed_policies|length == 0 and group.inline_policies|length == 0 %}
        <b>WARNING: This policy does nothing and can be removed (assuming no boundary policies).</b>
    {% endif %}
</div>
{% endfor %}



<hr><h2>Policies</h2>
{% for policy in t.policies %}
<div class="section"><a name="{{policy.link_id}}"></a>
    <h3>{{policy.name}}</h3>
    {{policy.managed}}

    {% if policy.attachments|length > 0 %}
        <h4>Attachments</h4><ul>
        <ul>
            {% for attachment in policy.attachments %}
                <li><a href="#{{attachment.link_id}}">{{attachment.name}}</a>
            {% endfor %}
        </ul>
    {% else %}
        <b>WARNING: This policy is not attached to anything and can be removed.</b>
    {% endif %}

    <h4>Policy document</h4>
    <pre>{{policy.document}}</pre>


</div>
{% endfor %}

<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>